Basic-Networking-Part1-Part2-Part3 - Handout

Uploaded by

MR.Coffeeman

Part 1: Networking Today

Networks Affect Our Lives


Networking Today
Networks Connect Us

Communication is almost as important to us as our reliance on air, water, food, and shelter. In today’s world,
through the use of networks, we are connected like never before.
Networking Today
No Boundaries

• World without boundaries
• Global communities
• Human network
Network Components
Network Components
Host Roles
Every computer on a network is called a host or end device.
Servers are computers that provide information to end devices:
• email servers
• web servers
• file server
Clients are computers that send requests to the servers to retrieve information:
• web page from a web server
• email from an email server

Server Type | Description
Email | Email server runs email server software. Clients use client software to access email.
Web | Web server runs web server software. Clients use browser software to access web pages.
File | File server stores corporate and user files. The client devices access these files.
Network Components
Peer-to-Peer
It is possible to have a device be a client and a server in a Peer-to-Peer Network. This type of
network design is only recommended for very small networks.

Advantages:
• Easy to set up
• Less complex
• Lower cost
• Used for simple tasks: transferring files and sharing printers
Disadvantages:
• No centralized administration
• Not as secure
• Not scalable
• Slower performance
Network Components
End Devices
An end device is where a message originates from or where it is received. Data originates with an end
device, flows through the network, and arrives at an end device.
Network Components
Intermediary Network Devices
An intermediary device interconnects end devices. Examples include switches, wireless access
points, routers, and firewalls.
Management of data as it flows through a network is also the role of an intermediary device,
including:
• Regenerate and retransmit data signals.
• Maintain information about what pathways exist in the network.
• Notify other devices of errors and communication failures.
Network Components
Network Media
Communication across a network is carried through a medium which allows a message to travel from source to
destination.

Media Types | Description
Metal wires within cables | Uses electrical impulses.
Glass or plastic fibers within cables (fiber-optic cable) | Uses pulses of light.
Wireless transmission | Uses modulation of specific frequencies of electromagnetic waves.
Network Representations and Topologies
Network Representations and Topologies
Network Representations
Network diagrams, often called topology
diagrams, use symbols to represent
devices within the network.
Important terms to know include:
• Network Interface Card (NIC)
• Physical Port
• Interface
Note: Often, the terms port and interface are used interchangeably.
Network Representations and Topologies
Topology Diagrams
Physical topology diagrams illustrate the physical location of intermediary devices and cable installation.
Logical topology diagrams illustrate devices, ports, and the addressing scheme of the network.
Common Types of Networks
Common Types of Networks
Networks of Many Sizes
• Small Home Networks – connect a few computers to each other and the Internet
• Small Office/Home Office – enables computers within a home or remote office to connect to a corporate network
• Medium to Large Networks – many locations with hundreds or thousands of interconnected computers
• World Wide Networks – connects hundreds of millions of computers world-wide – such as the internet
[Figure panels: Small Home, SOHO, Medium/Large, World Wide]
Common Types of Networks
LANs and WANs
Network infrastructures vary greatly in
terms of:
• Size of the area covered
• Number of users connected
• Number and types of services
available
• Area of responsibility

Two most common types of networks:
• Local Area Network (LAN)
• Wide Area Network (WAN).
Common Types of Networks
LANs and WANs (cont.)
A LAN is a network infrastructure that spans a small geographical area.
A WAN is a network infrastructure that spans a wide geographical area.

LAN:
• Interconnect end devices in a limited area.
• Administered by a single organization or individual.
• Provide high-speed bandwidth to internal devices.
WAN:
• Interconnect LANs over wide geographical areas.
• Typically administered by one or more service providers.
• Typically provide slower speed links between LANs.
Common Types of Networks
The Internet
The internet is a worldwide collection of
interconnected LANs and WANs.
• LANs are connected to each other using
WANs.
• WANs may use copper wires, fiber optic
cables, and wireless transmissions.
The internet is not owned by any individual or group. The following groups were
developed to help maintain structure on the internet:
• IETF
• ICANN
• IAB
Common Types of Networks
Intranets and Extranets

An intranet is a private collection of LANs and WANs internal to an organization that
is meant to be accessible only to the organization's members or others with
authorization.
An organization might use an extranet to
provide secure access to their network for
individuals who work for a different
organization that need access to their
data on their network.
Internet Connections
Internet Connections
Internet Access Technologies
There are many ways to connect users and organizations to the internet:
• Popular services for home users and small offices include broadband cable, broadband digital subscriber line (DSL), wireless WANs, and mobile services.
• Organizations need faster connections to support IP phones, video conferencing and data center storage.
• Business-class interconnections are usually provided by service providers (SP) and may include: business DSL, leased lines, and Metro Ethernet.
Internet Connections
Home and Small Office Internet Connections
Connection | Description
Cable | high bandwidth, always on, internet offered by cable television service providers.
DSL | high bandwidth, always on, internet connection that runs over a telephone line.
Cellular | uses a cell phone network to connect to the internet.
Satellite | major benefit to rural areas without Internet Service Providers.
Dial-up telephone | an inexpensive, low bandwidth option using a modem.
Internet Connections
Businesses Internet Connections
Corporate business connections may require:
• higher bandwidth
• dedicated connections
• managed services

Type of Connection | Description
Dedicated Leased Line | These are reserved circuits within the service provider’s network that connect distant offices with private voice and/or data networking.
Ethernet WAN | This extends LAN access technology into the WAN.
DSL | Business DSL is available in various formats including Symmetric Digital Subscriber Lines (SDSL).
Satellite | This can provide a connection when a wired solution is not available.
Internet Connections
The Converging Network

Before converged networks, an organization would have been separately cabled for
telephone, video, and data. Each of these networks would use different technologies
to carry the signal.
Each of these technologies would use a different set of rules and standards.
Internet Connections
The Converging Network (Cont.)
Converged data networks carry
multiple services on one link
including:
• data
• voice
• video
Converged networks can deliver data,
voice, and video over the same
network infrastructure. The network
infrastructure uses the same set of
rules and standards.
Reliable Networks
Reliable Network
Network Architecture
Network Architecture refers to the
technologies that support the
infrastructure that moves data across the
network.
There are four basic characteristics that
the underlying architectures need to
address to meet user expectations:
• Fault Tolerance
• Scalability
• Quality of Service (QoS)
• Security
Reliable Network
Fault Tolerance
A fault tolerant network limits the impact
of a failure by limiting the number of
affected devices. Multiple paths are
required for fault tolerance.
Reliable networks provide redundancy by
implementing a packet switched network:
• Packet switching splits traffic into
packets that are routed over a
network.
• Each packet could theoretically take
a different path to the destination.
This is not possible with circuit-switched
networks which establish dedicated
circuits.
Reliable Network
Scalability

A scalable network can expand


quickly and easily to support
new users and applications
without impacting the
performance of services to
existing users.
Network designers follow
accepted standards and
protocols in order to make the
networks scalable.
Reliable Network
Quality of Service
Voice and live video transmissions require
higher expectations for those services being
delivered.
Have you ever watched a live video with
constant breaks and pauses? This is caused
when there is a higher demand for bandwidth
than available – and QoS isn’t configured.
• Quality of Service (QoS) is the primary
mechanism used to ensure reliable delivery
of content for all users.
• With a QoS policy in place, the router can
more easily manage the flow of data and
voice traffic.
Reliable Network
Network Security
There are two main types of network security that must be addressed:
• Network infrastructure security
  • Physical security of network devices
  • Preventing unauthorized access to the devices
• Information Security
  • Protection of the information or data transmitted over the network
Three goals of network security:
• Confidentiality – only intended recipients can read the data
• Integrity – assurance that the data has not been altered during transmission
• Availability – assurance of timely and reliable access to data for authorized users
Network Trends
Network Trends
Recent Trends
The role of the network must adjust and
continually transform in order to be able
to keep up with new technologies and end
user devices as they constantly come to
the market.
Several new networking trends that affect
organizations and consumers:
• Bring Your Own Device (BYOD)
• Online collaboration
• Video communications
• Cloud computing
Network Trends
Bring Your Own Device
Bring Your Own Device (BYOD) allows users
to use their own devices giving them more
opportunities and greater flexibility.
BYOD allows end users to have the freedom to use personal tools to access
information and communicate using their:
• Laptops
• Netbooks
• Tablets
• Smartphones
• E-readers
BYOD means any device, with any
ownership, used anywhere.
Network Trends
Online Collaboration
• Collaborate and work with others over the network on joint projects.
• Collaboration tools including Cisco WebEx (shown in the figure) give users a way to instantly connect and interact.
• Collaboration is a very high priority for businesses and in education.
• Cisco Webex Teams is a multifunctional collaboration tool.
  • send instant messages
  • post images
  • post videos and links
Network Trends
Video Communication

• Video calls are made to anyone, regardless of where they are located.
• Video conferencing is a powerful tool for communicating with others.
• Video is becoming a critical requirement for effective collaboration.
• Cisco TelePresence powers is one way of working where everyone,
everywhere.
Network Trends
Cloud Computing

Cloud computing allows us to store personal files or back up our data on servers over the internet.
• Applications can also be accessed using the Cloud.
• Allows businesses to deliver to any device anywhere in the world.
Cloud computing is made possible by data centers.
• Smaller companies that can’t afford their own data centers lease server and storage services from larger data center organizations in the Cloud.
Network Trends
Cloud Computing (Cont.)
Four types of Clouds:
• Public Clouds
• Available to the general public through a pay-per-use model or for free.
• Private Clouds
• Intended for a specific organization or entity such as the government.
• Hybrid Clouds
• Made up of two or more Cloud types – for example, part custom and part public.
• Each part remains a distinctive object but both are connected using the same
architecture.
• Custom Clouds
• Built to meet the needs of a specific industry, such as healthcare or media.
• Can be private or public.
Network Security
Network Security
Security Threats
• Network security is an integral part of networking regardless of the size of the network.
• The network security that is implemented must take into account the environment while securing the data, but still allowing for quality of service that is expected of the network.
• Securing a network involves many protocols, technologies, devices, tools, and techniques in order to secure data and mitigate threats.
• Threat vectors might be external or internal.
Network Security
Security Threats (Cont.)
External Threats:
• Viruses, worms, and Trojan horses
• Spyware and adware
• Zero-day attacks
• Threat Actor attacks
• Denial of service attacks
• Data interception and theft
• Identity theft

Internal Threats:
• lost or stolen devices
• accidental misuse by employees
• malicious employees
Network Security
Security Solutions
Security must be implemented in multiple
layers using more than one security solution.
Network security components for home or small office network:
• Antivirus and antispyware software should be installed on end devices.
• Firewall filtering used to block unauthorized access to the network.
Network Security
Security Solutions (Cont.)
Larger networks have additional security requirements:
• Dedicated firewall system
• Access control lists (ACL)
• Intrusion prevention systems (IPS)
• Virtual private networks (VPN)
The study of network security starts with a
clear understanding of the underlying switching
and routing infrastructure.
The IT Professional
The IT Professional
CCNA
The Cisco Certified Network Associate (CCNA) certification:
• demonstrates that you have a knowledge of foundational technologies
• ensures you stay relevant with skills needed for the adoption of next-generation technologies.

The new CCNA focus:
• IP foundation and security topics
• Wireless, virtualization, automation, and network programmability.

New DevNet certifications at the associate, specialist and professional levels, to validate
your software development skills.
Specialist certification validates your skills in line with your job role and interests.
Part 1: Summary
Part 2: Protocols and Models
The Rules
The Rules
Communications Fundamentals
Networks can vary in size and complexity. It is not enough to have a connection,
devices must agree on “how” to communicate.
There are three elements to any communication:
• There will be a source (sender).
• There will be a destination (receiver).
• There will be a channel (media) that provides for the path of communications to occur.
The Rules
Communications Protocols
• All communications are governed by protocols.
• Protocols are the rules that communications will follow.
• These rules will vary depending on the protocol.
The Rules
Rule Establishment
• Individuals must use established rules or agreements to govern the conversation.
• The first message is difficult to read because it is not formatted properly. The second
shows the message properly formatted.
The Rules
Rule Establishment (Cont.)

Protocols must account for the following requirements:
• An identified sender and receiver
• Common language and grammar
• Speed and timing of delivery
• Confirmation or acknowledgment requirements
The Rules
Network Protocol Requirements

Common computer protocols must be in agreement and include the following requirements:
• Message encoding
• Message formatting and encapsulation
• Message size
• Message timing
• Message delivery options
The Rules
Message Encoding
• Encoding is the process of converting information into another acceptable form
for transmission.
• Decoding reverses this process to interpret the information.
The Rules
Message Formatting and Encapsulation
• When a message is sent, it must use a specific format or structure.
• Message formats depend on the type of message and the channel that is used to
deliver the message.
The Rules
Message Size
Encoding between hosts must be in an appropriate format for the medium.
• Messages sent across the network are converted to bits.
• The bits are encoded into a pattern of light, sound, or electrical impulses.
• The destination host must decode the signals to interpret the message.
The Rules
Message Timing

Message timing includes the following:
• Flow Control – Manages the rate of data transmission and defines how much information can be sent and the speed at which it can be delivered.
• Response Timeout – Manages how long a device waits when it does not hear a reply from the destination.
• Access method - Determines when someone can send a message.
  • There may be various rules governing issues like “collisions”. This is when more than one device sends traffic at the same time and the messages become corrupt.
  • Some protocols are proactive and attempt to prevent collisions; other protocols are reactive and establish a recovery method after the collision occurs.
The Rules
Message Delivery Options
Message delivery may use one of the following methods:
• Unicast – one to one communication
• Multicast – one to many, typically not all
• Broadcast – one to all

Note: Broadcasts are used in IPv4 networks, but are not an option for IPv6. Later we will also
see “Anycast” as an additional delivery option for IPv6.
Protocols
Protocols
Network Protocol Overview
Network protocols define a common set of rules.
• Can be implemented on devices in:
  • Software
  • Hardware
  • Both
• Protocols have their own:
  • Function
  • Format
  • Rules

Protocol Type | Description
Network Communications | enable two or more devices to communicate over one or more networks
Network Security | secure data to provide authentication, data integrity, and data encryption
Routing | enable routers to exchange route information, compare path information, and select best path
Service Discovery | used for the automatic detection of devices or services
Protocols
Network Protocol Functions
• Devices use agreed-upon protocols to communicate.
• Protocols may have one or more functions.

Function | Description
Addressing | Identifies sender and receiver
Reliability | Provides guaranteed delivery
Flow Control | Ensures data flows at an efficient rate
Sequencing | Uniquely labels each transmitted segment of data
Error Detection | Determines if data became corrupted during transmission
Application Interface | Process-to-process communications between network applications
Protocols
Protocol Interaction
• Networks require the use of several protocols.
• Each protocol has its own function and format.

Protocol | Function
Hypertext Transfer Protocol (HTTP) | ▪ Governs the way a web server and a web client interact ▪ Defines content and format
Transmission Control Protocol (TCP) | ▪ Manages the individual conversations ▪ Provides guaranteed delivery ▪ Manages flow control
Internet Protocol (IP) | Delivers messages globally from the sender to the receiver
Ethernet | Delivers messages from one NIC to another NIC on the same Ethernet Local Area Network (LAN)
Protocol Suites
Protocol Suites
Network Protocol Suites
Protocols must be able to work with other
protocols.
Protocol suite:
• A group of inter-related protocols necessary to perform a communication function
• Sets of rules that work together to help solve a problem
The protocols are viewed in terms of layers:
• Higher Layers
• Lower Layers - concerned with moving data and provide services to upper layers
Protocol Suites
Evolution of Protocol Suites
There are several protocol suites.
• Internet Protocol Suite or TCP/IP - The most common protocol suite and maintained by the Internet Engineering Task Force (IETF)
• Open Systems Interconnection (OSI) protocols - Developed by the International Organization for Standardization (ISO) and the International Telecommunications Union (ITU)
• AppleTalk - Proprietary suite released by Apple Inc.
• Novell NetWare - Proprietary suite developed by Novell Inc.
Protocol Suites
TCP/IP Protocol Example

• TCP/IP protocols operate at the application, transport, and internet layers.
• The most common network access layer LAN protocols are Ethernet and WLAN (wireless LAN).
Protocol Suites
TCP/IP Protocol Suite

• TCP/IP is the protocol suite used by the internet and includes many protocols.
• TCP/IP is:
  • An open standard protocol suite that is freely available to the public and can be used by any vendor
  • A standards-based protocol suite that is endorsed by the networking industry and approved by a standards organization to ensure interoperability
Protocol Suites
TCP/IP Communication Process
• A web server encapsulating and sending a web page to a client.
• A client de-encapsulating the web page for the web browser
Standards Organizations
Standards Organizations
Open Standards
Open standards encourage:
• interoperability
• competition
• innovation
Standards organizations are:
• vendor-neutral
• non-profit organizations
• established to develop and promote the
concept of open standards.
Standards Organizations
Internet Standards
• Internet Society (ISOC) - Promotes the open development and evolution
of internet
• Internet Architecture Board (IAB) -
Responsible for management and
development of internet standards
• Internet Engineering Task Force
(IETF) - Develops, updates, and
maintains internet and TCP/IP
technologies
• Internet Research Task Force
(IRTF) - Focused on long-term
research related to internet and
TCP/IP protocols
Standards Organizations
Internet Standards (Cont.)
Standards organizations involved with the development and support of TCP/IP:
• Internet Corporation for Assigned Names and Numbers (ICANN) - Coordinates IP address allocation, the management of domain names, and assignment of other information
• Internet Assigned Numbers Authority (IANA) - Oversees and manages IP address allocation, domain name management, and protocol identifiers for ICANN
Reference Models
Reference Models
The Benefits of Using a Layered Model

Complex concepts such as how a network operates can be difficult to
explain and understand. For this reason, a layered model is used.
Two layered models describe network
operations:
• Open System Interconnection (OSI)
Reference Model
• TCP/IP Reference Model
Reference Models
The Benefits of Using a Layered Model (Cont.)
These are the benefits of using a layered model:
• Assist in protocol design because protocols that operate at a specific layer have
defined information that they act upon and a defined interface to the layers
above and below
• Foster competition because products from different vendors can work together
• Prevent technology or capability changes in one layer from affecting other layers
above and below
• Provide a common language to describe networking functions and capabilities
Reference Models
The OSI Reference Model
OSI Model Layer | Description
7 - Application | Contains protocols used for process-to-process communications.
6 - Presentation | Provides for common representation of the data transferred between application layer services.
5 - Session | Provides services to the presentation layer and to manage data exchange.
4 - Transport | Defines services to segment, transfer, and reassemble the data for individual communications.
3 - Network | Provides services to exchange the individual pieces of data over the network.
2 - Data Link | Describes methods for exchanging data frames over a common media.
1 - Physical | Describes the means to activate, maintain, and de-activate physical connections.
Reference Models
The TCP/IP Reference Model

TCP/IP Model Layer | Description
Application | Represents data to the user, plus encoding and dialog control.
Transport | Supports communication between various devices across diverse networks.
Internet | Determines the best path through the network.
Network Access | Controls the hardware devices and media that make up the network.
Reference Models
OSI and TCP/IP Model Comparison

• The OSI model divides the network access layer and the application layer of the TCP/IP model into multiple layers.
• The TCP/IP protocol suite does not specify which protocols to use when transmitting over a physical medium.
• OSI Layers 1 and 2 discuss the necessary procedures to access the media and the physical means to send data over a network.
Data Encapsulation
Data Encapsulation
Segmenting Messages
Segmenting is the process of breaking up messages into smaller units. Multiplexing is
the process of taking multiple streams of segmented data and interleaving them
together.
Segmenting messages has two primary
benefits:
• Increases speed - Large amounts of
data can be sent over the network
without tying up a communications link.
• Increases efficiency - Only segments
which fail to reach the destination need
to be retransmitted, not the entire data
stream.
Data Encapsulation
Sequencing

Sequencing messages is the process of numbering the segments so that the
message may be reassembled at the destination.
TCP is responsible for sequencing the individual segments.
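The following added example (not part of the handout) models segmenting, multiplexing and sequencing together: two constructed messages are segmented, interleaved onto one link, two segments are lost, and only those two are retransmitted before reassembly. The stream names, message contents and segment size are assumptions, and the loss model is simplified (retransmissions always arrive).

```python
from itertools import zip_longest

def segment(stream_id, message, size):
    """Break one message into numbered segments: (stream id, sequence number, payload)."""
    return [(stream_id, seq, message[start:start + size])
            for seq, start in enumerate(range(0, len(message), size))]

def multiplex(*streams):
    """Interleave the segments of several streams round-robin onto a single link."""
    return [seg for group in zip_longest(*streams) for seg in group if seg is not None]

def receive(link, dropped):
    """Demultiplex by stream id and file each payload under its sequence number.
    `dropped` is the set of (stream id, sequence number) pairs lost in transit."""
    buffers = {}
    for stream_id, seq, data in link:
        if (stream_id, seq) not in dropped:
            buffers.setdefault(stream_id, {})[seq] = data
    return buffers

def find_missing(buffers, expected):
    """Gaps in the sequence numbers identify exactly which segments never arrived."""
    return sorted((sid, seq) for sid, count in expected.items()
                  for seq in range(count) if seq not in buffers.get(sid, {}))

def transfer(messages, size, dropped):
    """Return (reassembled messages, retransmitted segments, total segments sent)."""
    streams = {sid: segment(sid, msg, size) for sid, msg in messages.items()}
    link = multiplex(*streams.values())
    buffers = receive(link, set(dropped))
    lost = find_missing(buffers, {sid: len(segs) for sid, segs in streams.items()})
    # Only the missing segments are sent again, not the whole data stream.
    resend = [seg for segs in streams.values() for seg in segs if (seg[0], seg[1]) in lost]
    for sid, seq, data in resend:
        buffers.setdefault(sid, {})[seq] = data
    # Sequence numbers restore the original order of each stream.
    rebuilt = {sid: b"".join(buffers[sid][seq] for seq in sorted(buffers[sid]))
               for sid in messages}
    return rebuilt, lost, len(link) + len(resend)

# Constructed sample data: two conversations sharing one link.
MESSAGES = {
    "email": b"Meeting moved to 3pm",
    "web": b"<html>Hello from the web server</html>",
}

if __name__ == "__main__":
    rebuilt, lost, sent = transfer(MESSAGES, size=8, dropped=[("web", 1), ("email", 2)])
    print("intact:", rebuilt == MESSAGES, "retransmitted:", lost, "segments sent:", sent)
```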
Data Encapsulation
Protocol Data Units
Encapsulation is the process where protocols add their information to the data.
• At each stage of the process, a PDU has a different name to reflect its new functions.
• There is no universal naming convention for PDUs; in this course, the PDUs are named according to the protocols of the TCP/IP suite.
• PDUs passing down the stack are as follows:
1. Data (Data Stream)
2. Segment
3. Packet
4. Frame
5. Bits (Bit Stream)
Data Encapsulation
Encapsulation Example

• Encapsulation is a top down process.
• The level above does its process and then passes it down to the next level of the model. This process is repeated by each layer until it is sent out as a bit stream.
Data Encapsulation
De-encapsulation Example
• Data is de-encapsulated as it moves up
the stack.
• When a layer completes its process,
that layer strips off its header and
passes it up to the next level to be
processed. This is repeated at each
layer until it is a data stream that the
application can process.
1. Received as Bits (Bit Stream)
2. Frame
3. Packet
4. Segment
5. Data (Data Stream)
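The encapsulation and de-encapsulation steps above, as an added example that is not part of the handout: application data is wrapped in a TCP header (segment), an IPv4 header (packet) and an Ethernet II header (frame), then unwrapped in reverse. PC1's IP and MAC and the FTP server's IP come from the handout's later slides; the FTP server MAC, ports, sequence number and payload are constructed, and the TCP checksum, Ethernet padding and FCS are omitted.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6

def checksum(data):
    """16-bit one's-complement checksum used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def tcp_segment(data, src_port, dst_port, seq):
    """Data -> Segment: prepend a 20-byte TCP header (PSH+ACK, checksum left 0 here)."""
    offset_and_flags = (5 << 12) | 0x018
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, 0,
                         offset_and_flags, 65535, 0, 0)
    return header + data

def ip_packet(segment, src_ip, dst_ip, ttl=64):
    """Segment -> Packet: prepend a 20-byte IPv4 header with a valid header checksum."""
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + len(segment), 0, 0,
                         ttl, PROTO_TCP, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + segment

def ethernet_frame(packet, src_mac, dst_mac):
    """Packet -> Frame: prepend destination MAC, source MAC and EtherType."""
    to_bytes = lambda mac: bytes.fromhex(mac.replace("-", ""))
    return to_bytes(dst_mac) + to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet

def de_encapsulate(frame):
    """Frame -> Packet -> Segment -> Data, stripping one header per layer."""
    mac = lambda raw: "-".join("%02X" % b for b in raw)
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]                          # Ethernet header stripped
    ihl = (packet[0] & 0x0F) * 4
    if checksum(packet[:ihl]) != 0:              # a valid header sums to zero
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ihl:total_len]              # IPv4 header stripped
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    data = segment[(segment[12] >> 4) * 4:]      # TCP header stripped
    return {"dst_mac": mac(frame[0:6]), "src_mac": mac(frame[6:12]),
            "src_ip": socket.inet_ntoa(packet[12:16]),
            "dst_ip": socket.inet_ntoa(packet[16:20]),
            "src_port": src_port, "dst_port": dst_port, "seq": seq, "data": data}

PC1_IP, PC1_MAC = "192.168.1.110", "AA-AA-AA-AA-AA-AA"   # from the handout
FTP_IP = "192.168.1.9"                                    # from the handout
FTP_MAC = "CC-CC-CC-CC-CC-CC"                             # constructed
DATA = b"USER anonymous\r\n"                              # constructed payload

if __name__ == "__main__":
    segment = tcp_segment(DATA, 49152, 21, 1000)
    packet = ip_packet(segment, PC1_IP, FTP_IP)
    frame = ethernet_frame(packet, PC1_MAC, FTP_MAC)
    print(len(DATA), len(segment), len(packet), len(frame))
    print(de_encapsulate(frame))
```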
Data Access
Data Access
Addresses
Both the data link and network layers use addressing to deliver data from source to
destination.
Network layer source and destination addresses - Responsible for delivering the IP
packet from original source to the final destination.
Data link layer source and destination addresses – Responsible for delivering the data
link frame from one network interface card (NIC) to another NIC on the same network.
Data Access
Layer 3 Logical Address
The IP packet contains two IP addresses:
• Source IP address - The IP address of the sending device, original source of the packet.
• Destination IP address - The IP address of the receiving device, final destination of the packet.
These addresses may be on the same link or remote.
Data Access
Layer 3 Logical Address (Cont.)
An IP address contains two parts:
• Network portion (IPv4) or Prefix (IPv6)
  • The left-most part of the address indicates the network group of which the IP address is a member.
  • Each LAN or WAN will have the same network portion.
• Host portion (IPv4) or Interface ID (IPv6)
  • The remaining part of the address identifies a specific device within the group.
  • This portion is unique for each device on the network.
Data Access
Devices on the Same Network

When devices are on the same network, the source and destination will have
the same number in the network portion of the address.
• PC1 – 192.168.1.110
• FTP Server – 192.168.1.9
Data Access
Role of the Data Link Layer Addresses: Same IP Network
When devices are on the same Ethernet
network the data link frame will use the
actual MAC address of the destination
NIC.
MAC addresses are physically embedded
into the Ethernet NIC and are local
addressing.
• The Source MAC address will be that of
the originator on the link.
• The Destination MAC address will
always be on the same link as the
source, even if the ultimate
destination is remote.
Data Access
Devices on a Remote Network
• What happens when the actual
(ultimate) destination is not on the
same LAN and is remote?
• What happens when PC1 tries to
reach the Web Server?
• Does this impact the network and
data link layers?
Data Access
Role of the Network Layer Addresses

When the source and destination have a different network portion, this means
they are on different networks.
• PC1 – 192.168.1
• Web Server – 172.16.1
Data Access
Role of the Data Link Layer Addresses: Different IP Networks
When the final destination is remote, Layer 3 will
provide Layer 2 with the local default gateway IP
address, also known as the router address.
• The default gateway (DGW) is the router
interface IP address that is part of this LAN
and will be the “door” or “gateway” to all
other remote locations.
• All devices on the LAN must be told about this
address or their traffic will be confined to the
LAN only.
• Once Layer 2 on PC1 forwards to the default gateway (Router), the router can then start
the routing process of getting the information to the actual destination.
Data Access
Role of the Data Link Layer Addresses: Different IP Networks (Cont.)
• The data link addressing is local addressing so it will have a source and destination for each link.
• The MAC addressing for the first segment is:
  • Source – AA-AA-AA-AA-AA-AA (PC1) Sends the frame.
  • Destination – 11-11-11-11-11-11 (R1- Default Gateway MAC) Receives the frame.
Note: While the L2 local addressing will change from link to link or hop to hop, the L3
addressing remains the same.
Data Access
Data Link Addresses
• Since data link addressing is local addressing, it will have a source and destination for
each segment or hop of the journey to the destination.
• The MAC addressing for the first segment is:
  • Source – (PC1 NIC) sends frame
  • Destination – (First Router- DGW interface) receives frame
Data Access
Data Link Addresses (Cont.)
The MAC addressing for the second hop is:
• Source – (First Router- exit interface) sends frame
• Destination – (Second Router) receives frame
Data Access
Data Link Addresses (Cont.)
The MAC addressing for the last segment is:
• Source – (Second Router- exit interface) sends frame
• Destination – (Web Server NIC) receives frame
Data Access
Data Link Addresses (Cont.)
• Notice that the packet is not modified, but the frame is changed, therefore the L3 IP
addressing does not change from segment to segment like the L2 MAC addressing.
• The L3 addressing remains the same since it is global and the ultimate destination is still
the Web Server.
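The same-network versus remote-network decision and the hop-by-hop rewriting of Layer 2 addresses described in the Data Access slides, as an added example that is not part of the handout. PC1's addresses, the FTP server IP and the R1 gateway MAC come from the slides; the /24 prefix length, the gateway IP, the remote web server address and all other MAC addresses are assumptions constructed for illustration.

```python
import ipaddress

# Values marked (handout) appear in the slides; all others are constructed.
PC1_IP, PC1_MAC = "192.168.1.110", "AA-AA-AA-AA-AA-AA"    # (handout)
FTP_IP = "192.168.1.9"                                     # (handout)
R1_LAN_MAC = "11-11-11-11-11-11"                           # (handout) default gateway MAC
PREFIX_LEN = 24                  # assumption: the slides do not state a mask
GATEWAY_IP = "192.168.1.1"       # constructed default gateway address
WEB_IP = "203.0.113.80"          # constructed remote web server address

# PC1's view of its own link: IP address -> MAC address (FTP server MAC constructed).
NEIGHBORS = {FTP_IP: "CC-CC-CC-CC-CC-CC", GATEWAY_IP: R1_LAN_MAC}

# Links after the first hop, all MACs constructed: (sender MAC, receiver MAC).
LATER_LINKS = [
    ("22-22-22-22-22-22", "33-33-33-33-33-33"),   # R1 exit interface -> R2
    ("44-44-44-44-44-44", "55-55-55-55-55-55"),   # R2 exit interface -> Web Server NIC
]

def next_hop_ip(src_ip, prefix_len, dst_ip, gateway_ip):
    """Compare network portions: deliver directly if they match, else use the gateway."""
    local_net = ipaddress.ip_interface(f"{src_ip}/{prefix_len}").network
    if ipaddress.ip_address(dst_ip) in local_net:
        return dst_ip
    if gateway_ip is None:
        # Without a default gateway, traffic is confined to the LAN.
        raise LookupError(f"{dst_ip} is remote and no default gateway is configured")
    return gateway_ip

def first_frame(dst_ip, gateway_ip=GATEWAY_IP):
    """Frame PC1 puts on its own link; the destination MAC is always on that link."""
    hop_ip = next_hop_ip(PC1_IP, PREFIX_LEN, dst_ip, gateway_ip)
    return {"src_mac": PC1_MAC, "dst_mac": NEIGHBORS[hop_ip],
            "src_ip": PC1_IP, "dst_ip": dst_ip}

def forward(frame, links):
    """Each router strips the old L2 header and writes a new one; L3 is copied as is."""
    frames = [frame]
    for sender_mac, receiver_mac in links:
        packet = {key: frames[-1][key] for key in ("src_ip", "dst_ip")}
        frames.append({"src_mac": sender_mac, "dst_mac": receiver_mac, **packet})
    return frames

if __name__ == "__main__":
    print("same network:", first_frame(FTP_IP))
    for hop, frame in enumerate(forward(first_frame(WEB_IP), LATER_LINKS), start=1):
        print("hop", hop, frame)
```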
Lab
• Packet Tracer Lab
Part 2 Summary
Part 3: Basic Switch and End Device Configuration
Cisco IOS Access
Cisco IOS Access
Operating Systems

• Shell - The user interface that allows users to request specific tasks from the computer. These requests can be made either through the CLI or GUI interfaces.
• Kernel - Communicates between the hardware and software of a computer and manages how hardware resources are used to meet software requirements.
• Hardware - The physical part of a computer including underlying electronics.
Cisco IOS Access
GUI
• A GUI allows the user to interact with the
system using an environment of graphical
icons, menus, and windows.
• A GUI is more user-friendly and requires less
knowledge of the underlying command
structure that controls the system.
• Examples of these are: Windows, macOS,
Linux KDE, Apple iOS and Android.
• GUIs can fail, crash, or simply not operate as
specified. For these reasons, network
devices are typically accessed through a CLI.
Cisco IOS Access
Purpose of an OS
PC operating system enables a user to do the following:
▪ Use a mouse to make selections and run programs
▪ Enter text and text-based commands
▪ View output on a monitor
CLI-based network operating system enables a network technician to do the following:
• Use a keyboard to run CLI-based network programs
• Use a keyboard to enter text and text-based commands
• View output on a monitor
Cisco IOS Access
Access Methods
• Console – A physical management port used
to access a device in order to provide
maintenance, such as performing the initial
configurations.
• Secure Shell (SSH) – Establishes a secure
remote CLI connection to a device, through
a virtual interface, over a network. (Note:
This is the recommended method for
remotely connecting to a device.)
• Telnet – Establishes an insecure remote CLI
connection to a device over the network.
(Note: User authentication, passwords and
commands are sent over the network in
plaintext.)
Cisco IOS Access
Terminal Emulation Programs
• Terminal emulation programs are used to connect to a network device by either a console
port or by an SSH/Telnet connection.
• There are several terminal emulation programs to choose from, such as PuTTY, Tera Term
and SecureCRT.
IOS Navigation
IOS Navigation
Primary Command Modes
User EXEC Mode:
▪ Allows access to only a limited
number of basic monitoring
commands
▪ Identified by the CLI prompt that
ends with the > symbol
Privileged EXEC Mode:
• Allows access to all commands
and features
• Identified by the CLI prompt
that ends with the # symbol
IOS Navigation
Configuration Mode and Subconfiguration
Modes
Global Configuration Mode:
▪ Used to access configuration
options on the device
Line Configuration Mode:
▪ Used to configure console,
SSH, Telnet or AUX access
Interface Configuration Mode:
▪ Used to configure a switch
port or router interface
IOS Navigation
Navigation Between IOS Modes
Privileged EXEC Mode:
▪ To move from user EXEC mode to privileged EXEC
mode, use the enable command.
Global Configuration Mode:
▪ To move in and out of global configuration
mode, use the configure terminal command. To
return to privileged EXEC mode, use the exit
command.
Line Configuration Mode:
▪ To move in and out of line configuration mode,
use the line command followed by the
management line type. To return to global
configuration mode, use the exit command.
IOS Navigation
Navigation Between IOS Modes (Cont.)
Subconfiguration Modes:
▪ To move out of any subconfiguration mode to get
back to global configuration mode, use the exit
command. To return to privileged EXEC mode, use
the end command or key combination Ctrl+Z.
▪ To move directly from one subconfiguration mode
to another, type in the desired subconfiguration
mode command. In the example, the command
prompt changes from (config-line)# to (config-if)#.
The Command Structure
The Command Structure
Basic IOS Command Structure

• Keyword – This is a specific parameter defined in the operating system (in the figure, ip
protocols).
• Argument - This is not predefined; it is a value or variable defined by the user (in the
figure, 192.168.10.5).
The Command Structure
IOS Command Syntax Check
A command might require one or more arguments. To determine the keywords and
arguments required for a command, refer to the command syntax.
▪ Boldface text indicates commands and keywords that are entered as shown.
▪ Italic text indicates an argument for which the user provides the value.

Convention Description
boldface Boldface text indicates commands and keywords that you enter literally as shown.
italics Italic text indicates arguments for which you supply values.
[x] Square brackets indicate an optional element (keyword or argument).
{x} Braces indicate a required element (keyword or argument).
[x {y | z }] Braces and vertical lines within square brackets indicate a required choice within an optional element. Spaces are used to clearly delineate parts of the command.
The Command Structure
IOS Command Syntax Check (Cont.)
▪ The command syntax provides the pattern, or format, that must be used when entering a command.
▪ The command is ping and the user-defined
argument is the ip-address of the
destination device. For example, ping
10.10.10.5.
▪ The command is traceroute and the
user-defined argument is the ip-address
of the destination device. For
example, traceroute
192.168.254.254.
▪ If a command is complex with multiple arguments, you may see it represented like this:
The Command Structure
IOS Help Features
The IOS has two forms of help available: context-sensitive help and command
syntax check.
• Context-sensitive help enables you to
quickly find answers to these questions:
▪ Which commands are available in each command
mode?
▪ Which commands start with specific characters or
group of characters?
▪ Which arguments and keywords are available to
particular commands?
• Command syntax check verifies
that a valid command was entered
by the user.
▪ If the interpreter cannot understand the
command being entered, it will provide
feedback describing what is wrong with
the command.
The Command Structure
Hot Keys and Shortcuts
• The IOS CLI provides hot keys and shortcuts that make configuring, monitoring, and
troubleshooting easier.
• Commands and keywords can be shortened to the minimum number of characters
that identify a unique selection. For example, the configure command can be
shortened to conf because configure is the only command that begins with conf.
The Command Structure
Hot Keys and Shortcuts (Cont.)
▪ The table below is a brief list of keystrokes to enhance command line editing.

Keystroke Description
Tab Completes a partial command name entry.
Backspace Erases the character to the left of the cursor.
Left Arrow or Ctrl+B Moves the cursor one character to the left.
Right Arrow or Ctrl+F Moves the cursor one character to the right.
Up Arrow or Ctrl+P Recalls the commands in the history buffer, beginning with the most recent commands.
The Command Structure
Hot Keys and Shortcuts (Cont.)
• When a command output produces more text
than can be displayed in a terminal window,
the IOS will display a “--More--” prompt.
The table below describes the keystrokes
that can be used when this prompt is
displayed.

Keystroke Description
Enter Key Displays the next line.
Space Bar Displays the next screen.
Any other key Ends the display string, returning to privileged EXEC mode.

• The table below lists commands that can
be used to exit out of an operation.

Keystroke Description
Ctrl-C When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode.
Ctrl-Z When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode.
Ctrl-Shift-6 All-purpose break sequence used to abort DNS lookups, traceroutes, pings, etc.

Note: To see more hot keys and shortcuts refer to 2.3.5.


Basic Device Configuration
Basic Device Configuration
Device Names
• The first configuration command on any device should be
to give it a unique hostname.
• By default, all devices are assigned a factory default name.
For example, a Cisco IOS switch is “Switch.”
• Guideline for naming devices:
▪ Start with a letter
▪ Contain no spaces
▪ End with a letter or digit
▪ Use only letters, digits, and dashes
▪ Be less than 64 characters in length
Note: To return the switch to the default
prompt, use the no hostname global
config command.
Basic Device Configuration
Password Guidelines
• The use of weak or easily guessed passwords is a security concern.
• All networking devices should limit administrative access by securing privileged EXEC,
user EXEC, and remote Telnet access with passwords. In addition, all passwords should
be encrypted and legal notifications provided.
• Password Guidelines:
▪ Use passwords that are more than eight
characters in length.
▪ Use a combination of upper and lowercase
letters, numbers, special characters, and/or
numeric sequences.
▪ Avoid using the same password for all
devices.
▪ Do not use common words because they are
easily guessed.
Note: Most of the labs in this course use simple
passwords such as cisco or class. These passwords
are considered weak and easily guessable and should
be avoided in production environments.
Basic Device Configuration
Configure Passwords
Securing user EXEC mode access:
▪ First enter line console configuration mode using
the line console 0 command in global
configuration mode.
▪ Next, specify the user EXEC mode password using
the password password command.
▪ Finally, enable user EXEC access using
the login command.
Securing privileged EXEC mode access:
• First enter global configuration mode.
• Next, use the enable secret password command.
Basic Device Configuration
Configure Passwords (Cont.)
Securing VTY line access:
▪ First enter line VTY configuration mode
using the line vty 0 15 command in
global configuration mode.
▪ Next, specify the VTY password using
the password password command.
▪ Finally, enable VTY access using
the login command.
▪ Note: VTY lines enable remote access using Telnet or SSH to the device. Many Cisco
switches support up to 16 VTY lines that are numbered 0 to 15.
Basic Device Configuration
Encrypt Passwords
▪ The startup-config and running-config files display
most passwords in plaintext.
▪ To encrypt all plaintext passwords, use the service
password-encryption global config command.
▪ Use the show running-config command
to verify that the passwords on the
device are now encrypted.
Basic Device Configuration
Banner Messages
▪ A banner message is important to warn
unauthorized personnel against attempting to
access the device.
▪ To create a banner message of the day on a
network device, use the banner motd # the
message of the day # global config
command.
Note: The “#” in the command syntax is called
the delimiting character. It is entered before
and after the message.
The banner will be displayed on attempts to access the device.
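One way to check a saved configuration against the naming, password, encryption and banner slides above. This is an added example, not part of the original handout: the function names, finding texts and both sample configurations (including the placeholder password and hash strings) are constructed for illustration.

```python
import re

# Naming guideline: starts with a letter, ends with a letter or digit,
# only letters, digits and dashes, fewer than 64 characters.
HOSTNAME_RE = re.compile(r"^[A-Za-z]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
DEFAULT_NAMES = {"Switch", "Router"}  # factory default IOS device names

def line_blocks(lines):
    """Map each 'line ...' header to the indented commands beneath it."""
    blocks, current = {}, None
    for ln in lines:
        if ln.startswith("line "):
            current = ln
            blocks[current] = []
        elif ln.startswith(" ") and current:
            blocks[current].append(ln.strip())
        else:
            current = None
    return blocks

def audit_config(text):
    """Return a list of findings for a running-config or startup-config dump."""
    findings = []
    lines = [ln.rstrip() for ln in text.splitlines()]
    top = [ln for ln in lines if ln and not ln.startswith(" ")]

    host = next((ln.split()[1] for ln in top if ln.startswith("hostname ")), None)
    if host is None or host in DEFAULT_NAMES:
        findings.append("hostname: factory default name")
    elif not HOSTNAME_RE.match(host):
        findings.append(f"hostname: {host!r} violates the naming guidelines")

    if not any(ln.startswith("enable secret ") for ln in top):
        findings.append("privileged EXEC: no enable secret")
    if "service password-encryption" not in top:
        findings.append("service password-encryption is off")
    if not any(ln.startswith("banner motd ") for ln in top):
        findings.append("no banner motd")

    for header, cmds in line_blocks(lines).items():
        if not header.startswith(("line con", "line vty")):
            continue
        pw = [c.split() for c in cmds if c.startswith("password ")]
        if not pw:
            findings.append(f"{header}: no password")
        elif pw[0][1] != "7":  # 'password 7 <string>' is the encrypted form
            findings.append(f"{header}: password stored in plaintext")
        if not any(c.startswith("login") for c in cmds):
            findings.append(f"{header}: login not enabled")
    return findings

# Constructed sample: factory defaults plus lab-style passwords.
WEAK = """hostname Switch
no service password-encryption
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
line vty 5 15
 login
end
"""

# Constructed sample after applying the steps from the slides.
HARDENED = """hostname Sw-Floor-1
service password-encryption
enable secret 5 $1$CONSTRUCTED$placeholderhashvalue0000
banner motd ^C Authorized Access Only ^C
line con 0
 password 7 0000CONSTRUCTED
 login
line vty 0 15
 password 7 0000CONSTRUCTED
 login
end
"""

if __name__ == "__main__":
    for finding in audit_config(WEAK):
        print(finding)
```

The type 7 form written by service password-encryption is a reversible encoding, so this check confirms the setting is on rather than that the stored string resists recovery; enable secret is stored as a hash.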
Save Configurations
Save Configurations
Configuration Files
▪ There are two system files that store the device configuration:
▪ startup-config - This is the saved configuration file that is stored in NVRAM. It contains all the commands that will be used by the
device upon startup or reboot. Flash does not lose its contents when the device is powered off.
▪ running-config - This is stored in Random Access Memory (RAM). It reflects the current configuration. Modifying a running
configuration affects the operation of a Cisco device immediately. RAM is volatile memory. It loses all of its content when the
device is powered off or restarted.
▪ To save changes made to the running configuration to the startup configuration file, use the copy running-config startup-config
privileged EXEC mode command.
Save Configurations
Alter the Running Configurations
If changes made to the running config do not have the
desired effect and the running-config has not yet been
saved, you can restore the device to its previous
configuration. To do this you can:
▪ Remove the changed commands individually.
▪ Reload the device using the reload command in
privileged EXEC mode. Note: This will cause the
device to briefly go offline, leading to network
downtime.
If the undesired changes were saved to the startup-config,
it may be necessary to clear all the
configurations using the erase startup-config
command in privileged EXEC mode.
▪ After erasing the startup-config, reload the device to
clear the running-config file from RAM.
Save Configurations
Capture Configuration to a Text File
Configuration files can also be saved and archived to a
text document.
• Step 1. Open terminal emulation software, such as
PuTTY or Tera Term, that is already connected to a
switch.
• Step 2. Enable logging in the terminal software
and assign a name and file location to save the log
file. The figure displays that All session
output will be captured to the file specified (i.e.,
MySwitchLogs).
Save Configurations
Capture Configuration to a Text File (Cont.)
• Step 3. Execute the show running-config or show
startup-config command at the privileged EXEC
prompt. Text displayed in the terminal window will
be placed into the chosen file.
• Step 4. Disable logging in the terminal software.
The figure shows how to disable logging by
choosing the None session logging option.
Note: The text file created can be used as a record of
how the device is currently implemented. The file could
require editing before being used to restore a saved
configuration to a device.
Ports and Addresses
Ports and Addresses
IP Addresses
• The use of IP addresses is the primary means of
enabling devices to locate one another and
establish end-to-end communication on the
internet.
• The structure of an IPv4 address is called dotted
decimal notation and is represented by four
decimal numbers between 0 and 255.
• An IPv4 subnet mask is a 32-bit value that
differentiates the network portion of the address
from the host portion. Coupled with the IPv4
address, the subnet mask determines the
subnet of which the device is a member.
• The default gateway address is the IP address of
the router that the host will use to access
remote networks, including the internet.
Ports and Addresses
IP Addresses (Cont.)
• IPv6 addresses are 128 bits in length and
written as a string of hexadecimal values.
Every four bits is represented by a single
hexadecimal digit; for a total of 32
hexadecimal values. Groups of four
hexadecimal digits are separated by a
colon “:”.
• IPv6 addresses are not case-sensitive and
can be written in either lowercase or
uppercase.

Note: IP in this course refers to both the IPv4 and IPv6
protocols. IPv6 is the most recent version of IP and is
replacing the more common IPv4.
Ports and Addresses
Interfaces and Ports
• Network communications depend on end user
device interfaces, networking device
interfaces, and the cables that connect
them.
• Types of network media include twisted-pair
copper cables, fiber-optic cables, coaxial
cables, or wireless.
• Different types of network media have
different features and benefits. Some of the
differences between various types of media
include:
▪ Distance the media can successfully carry a signal
▪ Environment in which the media is to be installed
▪ Amount of data and the speed at which it must be
transmitted
▪ Cost of the media and installation

Configure IP Addressing
Configure IP Addressing
Manual IP Address Configuration for End
Devices
• End devices on the network need an IP address in order to
communicate with other devices on the network.
• IPv4 address information can be entered into end devices
manually, or automatically using Dynamic Host
Configuration Protocol (DHCP).
▪ To manually configure an IPv4 address on a Windows PC, open
the Control Panel > Network Sharing Center > Change
adapter settings and choose the adapter. Next right-click and
select Properties to display the Local Area Connection
Properties.
▪ Next, click Properties to open the Internet Protocol Version
4 (TCP/IPv4) Properties window. Then configure the IPv4
address and subnet mask information, and default gateway.
Note: IPv6 addressing and configuration
options are similar to IPv4.
Configure IP Addressing
Automatic IP Address Configuration for End
Devices
• DHCP enables automatic IPv4 address
configuration for every end device that
is DHCP-enabled.
• End devices typically use DHCP by default
for automatic IPv4 address
configuration.
▪ To configure DHCP on a Windows PC, open
the Control Panel > Network Sharing Center >
Change adapter settings and choose the
adapter. Next right-click and select Properties to
display the Local Area Connection Properties.
▪ Next, click Properties to open the Internet
Protocol Version 4 (TCP/IPv4)
Properties window, then select Obtain an IP
address automatically and Obtain DNS server
address automatically.
Note: IPv6 uses DHCPv6 and SLAAC (Stateless Address
Autoconfiguration) for dynamic address allocation.
Configure IP Addressing
Switch Virtual Interface Configuration

To access the switch remotely, an IP address and a subnet mask must be configured on the SVI.
To configure an SVI on a switch:
▪ Enter the interface vlan 1 command in global configuration mode.
▪ Next assign an IPv4 address using the ip address ip-address subnet-mask command.
▪ Finally, enable the virtual interface using the no shutdown command.
Verify Connectivity
Verify Connectivity
Verify Connectivity with Ping
Whether your network is small and new, or you are scaling an existing network, you will
always want to be able to verify that your components are properly connected to each
other and to the internet.
• The ping command, available on most operating systems, is the most effective way to
quickly test Layer 3 connectivity between a source and destination IP address.
• The ping command uses the Internet Control Message Protocol (ICMP) echo (ICMP Type
8) and echo reply (ICMP Type 0) messages.
Verify Connectivity
Verify Connectivity with Ping (Cont.)
On a Windows 10 host, the ping command sends four consecutive ICMP echo messages and
expects four consecutive ICMP echo replies from the destination. The IOS ping sends five
ICMP echo messages and displays an indicator for each ICMP echo reply received.

IOS Ping Indicators are as follows:

Element Description
! Exclamation mark indicates successful receipt of an echo reply message. It validates a Layer 3 connection between source and destination.
. A period means that time expired waiting for an echo reply message. This indicates a connectivity problem occurred somewhere along the path.
U Uppercase U indicates a router along the path responded with an ICMP Type 3 “destination unreachable” error message. Possible reasons include the router does not know the direction to the destination network or it could not find the host on the destination network.

Note: Other possible ping replies include Q, M, ?, or &. However, the meaning of these is out of scope for this module.
Verify Connectivity
Extended Ping
The Cisco IOS offers an "extended" mode
of the ping command.
Extended ping is entered in privileged
EXEC mode by typing ping without a
destination IP address. You will then be
given several prompts to customize the
extended ping.
Note: Pressing Enter accepts the
indicated default values. The ping
ipv6 command is used for IPv6 extended
pings.
Verify Connectivity
Verify Connectivity with Traceroute
The ping command is useful to quickly determine if there is a Layer 3 connectivity
problem. However, it does not identify where the problem is located along the path.
• Traceroute can help locate Layer 3 problem areas in a network. A trace returns a list of
hops as a packet is routed through a network.
• The syntax of the trace command varies between operating systems.
Verify Connectivity
Verify Connectivity with Traceroute (Cont.)
• The following is a sample output of tracert command on a Windows 10 host.
Note: Use Ctrl-C to interrupt a tracert in Windows.
• The only successful response was from the gateway on R1. Trace requests to the
next hop timed out as indicated by the asterisk (*), meaning that the next hop
router did not respond or there is a failure in the network path. In this example
there appears to be a problem between R1 and R2.
Verify Connectivity
Verify Connectivity with Traceroute (Cont.)
The following are sample outputs of traceroute command from R1:

• On the left, the trace validated that it could successfully reach PC B.


• On the right, the 10.1.1.10 host was not available, and the output shows asterisks
where replies timed out. Timeouts indicate a potential network problem.
• Use Ctrl-Shift-6 to interrupt a traceroute in Cisco IOS.

Note: Windows implementation of traceroute (tracert) sends ICMP Echo Requests. Cisco IOS and
Linux use UDP with an invalid port number. The final destination will return an ICMP port
unreachable message.
Verify Connectivity
Extended Traceroute
Like the extended ping command, there is also an extended traceroute command. It
allows the administrator to adjust parameters related to the command operation.

The Windows tracert command allows the input of several parameters through options
in the command line. However, it is not guided like the extended traceroute IOS
command. The following output displays the available options for the
Windows tracert command:
Verify Connectivity
Extended Traceroute (Cont.)
• The Cisco IOS extended traceroute option enables
the user to create a special type of trace by
adjusting parameters related to the command
operation.
• Extended traceroute is entered in privileged EXEC
mode by typing traceroute without a destination
IP address. IOS will guide you through the
command options by presenting a number of
prompts related to the setting of all the different
parameters.

• Note: Pressing Enter accepts the indicated default
values.
Verify Connectivity
Network Baseline
• One of the most effective tools for monitoring and troubleshooting network
performance is to establish a network baseline.
• One method for starting a baseline is to copy and paste the results from an executed
ping, trace, or other relevant commands into a text file. These text files can be time
stamped with the date and saved into an archive for later retrieval and comparison.
• Among items to consider are error messages and the response times from host to host.
• Corporate networks should have extensive baselines; more extensive than we can
describe in this course. Professional-grade software tools are available for storing and
maintaining baseline information.
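A baseline built from pasted IOS ping output, using the !, . and U indicators described earlier. This is an added example, not part of the original handout: the two captured outputs are constructed, the function names are hypothetical, and the rule that an average round-trip time above twice the baseline is worth flagging is an assumption chosen for illustration.

```python
import re
from datetime import datetime, timezone

TARGET_RE = re.compile(r"Sending \d+, \d+-byte ICMP Echos to (\S+),")
SUMMARY_RE = re.compile(
    r"Success rate is \d+ percent \((\d+)/(\d+)\)"
    r"(?:, round-trip min/avg/max = (\d+)/(\d+)/(\d+) ms)?")
INDICATORS = {"!": "reply", ".": "timeout", "U": "unreachable"}

def parse_ios_ping(output):
    """Turn pasted IOS ping output into counts per indicator and the average RTT."""
    target, summary = TARGET_RE.search(output), SUMMARY_RE.search(output)
    if not target or not summary:
        raise ValueError("text does not look like IOS ping output")
    # Indicator lines consist only of reply characters; long pings wrap.
    marks = "".join(ln.strip() for ln in output.splitlines()
                    if ln.strip() and set(ln.strip()) <= set("!.UQM?&"))
    received, sent, _rtt_min, rtt_avg, _rtt_max = summary.groups()
    return {"target": target.group(1), "sent": int(sent), "received": int(received),
            "counts": {name: marks.count(ch) for ch, name in INDICATORS.items()},
            "avg_ms": int(rtt_avg) if rtt_avg is not None else None}

def baseline_record(output, when=None):
    """Parsed result plus the time stamp under which it is archived."""
    record = parse_ios_ping(output)
    record["taken"] = (when or datetime.now(timezone.utc)).isoformat()
    return record

def compare(baseline, current, rtt_factor=2.0):
    """List the ways the current run is worse than the archived baseline."""
    issues = []
    if current["received"] < baseline["received"]:
        issues.append(f"{current['target']}: replies fell from "
                      f"{baseline['received']} to {current['received']}")
    if current["counts"]["unreachable"] > baseline["counts"]["unreachable"]:
        issues.append(f"{current['target']}: destination unreachable (U) now reported")
    if (baseline["avg_ms"] and current["avg_ms"]
            and current["avg_ms"] > rtt_factor * baseline["avg_ms"]):
        issues.append(f"{current['target']}: average RTT rose from "
                      f"{baseline['avg_ms']} ms to {current['avg_ms']} ms")
    return issues

# Constructed captures of the same ping on two different days.
BASELINE_OUTPUT = """Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
"""
TODAY_OUTPUT = """Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:
U.!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 4/9/12 ms
"""

if __name__ == "__main__":
    old, new = baseline_record(BASELINE_OUTPUT), baseline_record(TODAY_OUTPUT)
    for issue in compare(old, new):
        print(issue)
```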
Part 3 Summary
